Filter
Top Products
Chapter 14 IPSec VPN
ZyWALL 2WG User’s Guide
331
Figure 208 VPN Log Example
14.12 IPSec Debug
If you are having difficulty building an IPSec tunnel to a non-ZyXEL IPSec router, advanced
users may wish to examine the IPSec debug feature (in the commands).
ras> sys log disp ike ipsec
# .time source destination notes
message
0|01/11/2001 18:47:22 |5.6.7.8 |5.1.2.3 |IKE
Rule [ex-1] Tunnel built successfully
1|01/11/2001 18:47:22 |5.6.7.8 |5.1.2.3 |IKE
The cookie pair is : 0xDAC0B43FBDE154F5 / 0xC5156C099C3F7DCA
2|01/11/2001 18:47:22 |5.6.7.8 |5.1.2.3 |IKE
Send:[HASH]
3|01/11/2001 18:47:22 |5.6.7.8 |5.1.2.3 |IKE
The cookie pair is : 0xDAC0B43FBDE154F5 / 0xC5156C099C3F7DCA
4|01/11/2001 18:47:22 |5.6.7.8 |5.1.2.3 |IKE
Adjust TCP MSS to 1398
5|01/11/2001 18:47:22 |5.1.2.3 |5.6.7.8 |IKE
Recv:[HASH][SA][NONCE][ID][ID]
6|01/11/2001 18:47:22 |5.1.2.3 |5.6.7.8 |IKE
The cookie pair is : 0xDAC0B43FBDE154F5 / 0xC5156C099C3F7DCA
7|01/11/2001 18:47:21 |5.6.7.8 |5.1.2.3 |IKE
IKE Packet Retransmit
8|01/11/2001 18:47:21 |5.6.7.8 |5.1.2.3 |IKE
The cookie pair is : 0xDAC0B43FBDE154F5 / 0xC5156C099C3F7DCA
9|01/11/2001 18:47:17 |5.6.7.8 |5.1.2.3 |IKE
Send:[HASH][SA][NONCE][ID][ID]
10|01/11/2001 18:47:17 |5.6.7.8 |5.1.2.3 |IKE
The cookie pair is : 0xDAC0B43FBDE154F5 / 0xC5156C099C3F7DCA
11|01/11/2001 18:47:17 |5.6.7.8 |5.1.2.3 |IKE
Start Phase 2: Quick Mode
12|01/11/2001 18:47:17 |5.6.7.8 |5.1.2.3 |IKE
The cookie pair is : 0xDAC0B43FBDE154F5 / 0xC5156C099C3F7DCA
13|01/11/2001 18:47:17 |5.6.7.8 |5.1.2.3 |IKE
Phase 1 IKE SA process done
14|01/11/2001 18:47:17 |5.6.7.8 |5.1.2.3 |IKE
The cookie pair is : 0xDAC0B43FBDE154F5 / 0xC5156C099C3F7DCA
15|01/11/2001 18:47:17 |5.1.2.3 |5.6.7.8 |IKE
Recv:[ID][HASH][NOTFY:INIT_CONTACT]9C3F7DCA
16|01/11/2001 18:47:17 |5.1.2.3 |5.6.7.8 |IKE
The cookie pair is : 0xDAC0B43FBDE154F5 / 0xC5156C099C3F7DCA
17|01/11/2001 18:47:15 |5.6.7.8 |5.1.2.3 |IKE
Send:[ID][HASH][NOTFY:INIT_CONTACT]9C3F7DCA